$ rpki-client -vvf rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft File: Q2XRedW3PoqX7eBQXynvAMLWPvk.mft (raw, json) Hash identifier: pk8LtJZPIXpz9j5yyZcQvuS14bH4J4ThTUyqhjgVb4E= Subject key identifier: D1:99:0D:FC:70:E2:0E:7C:DA:13:83:35:7C:C5:AE:13:9E:48:11:B4 Authority key identifier: 43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 Certificate issuer: /CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Certificate serial: 02B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft Manifest number: 02AD Signing time: Tue 01 Jul 2025 02:10:49 +0000 Manifest this update: Tue 01 Jul 2025 02:10:49 +0000 Manifest next update: Tue 08 Jul 2025 02:10:49 +0000 Files and hashes: 1: Q2XRedW3PoqX7eBQXynvAMLWPvk.crl (hash: 4Rhl1Q2Diw1vT66ETbZ9gc+/TCfgNBUpBTW7bFt0c40=) 2: E9A9531644D611F0ABB89277C4F9AE02.roa (hash: GeKHBnqKWQ5odcVSCSiPOuNHSoS5ENhlNwIJeq+zQ50=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 694 (0x2b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139555, serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Validity Not Before: Jul 1 02:10:49 2025 GMT Not After : Jul 8 02:10:49 2025 GMT Subject: CN=686343a9-b9ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:bf:cd:99:e9:f1:f3:8b:ee:e7:ac:a7:c8:56: bb:89:9d:ec:7e:26:6e:85:52:ee:b3:04:73:27:dd: 83:96:24:cb:ec:2b:3d:5e:b2:7c:13:8f:5b:8f:a6: 82:cb:ef:17:31:d4:dc:5c:dd:29:b0:50:ec:36:e5: 08:2c:a5:fb:6c:9c:44:03:77:5d:e5:78:61:58:2a: f2:9b:7f:e3:1f:9a:d5:a3:f3:26:62:09:86:61:43: 2a:1f:88:92:68:3a:49:77:37:9f:27:e2:85:46:54: c4:1c:03:f4:7c:66:91:61:a6:d9:22:66:3e:ef:03: 9c:e1:33:3c:e8:99:e3:38:1a:61:c2:b0:c3:cf:b9: 97:88:aa:69:30:68:1c:82:32:95:a4:b5:aa:75:f6: 42:83:3f:12:69:b3:c0:16:75:6d:13:bf:bc:a7:e1: 1d:40:db:8a:e4:19:81:93:79:ee:8c:c8:f1:5e:26: 65:4f:3e:f5:54:8b:c6:34:dc:4f:cc:6f:fe:1a:9d: 0b:78:95:c3:a2:8b:d8:aa:ae:06:6f:6c:94:6e:9e: 03:00:d2:21:cb:c8:a9:89:7a:3b:6e:17:b3:1e:6e: 5f:fb:fe:e8:1e:ca:62:f0:3b:16:1b:7f:75:8e:48: 52:b1:7d:12:e0:f5:d7:97:4a:f3:ef:c6:20:e0:48: 78:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:99:0D:FC:70:E2:0E:7C:DA:13:83:35:7C:C5:AE:13:9E:48:11:B4 X509v3 Authority Key Identifier: keyid:43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:d5:1b:fe:29:8f:2b:94:c3:77:05:0c:bb:4f:b6:d4:01:1b: 99:4e:60:1a:3d:7e:cb:1e:84:f4:08:31:e5:f0:1e:43:32:69: 07:5b:fe:ef:1f:0c:b7:2b:1f:25:34:70:26:14:01:f0:14:41: 2d:6b:45:2e:76:ab:ba:59:31:d4:7c:54:85:c0:c5:ec:0a:d0: ac:c1:80:d7:23:71:d1:a9:9b:b7:b3:50:a1:fe:34:b9:5c:fc: b9:e2:65:a4:1a:af:4c:04:dc:4e:86:66:26:11:95:82:3c:78: 7d:5b:2d:fb:76:6b:53:33:c7:fb:d1:09:37:53:8c:1f:44:a1: 1d:6e:85:42:12:3b:3d:8d:76:1a:ec:16:21:b4:0a:81:ef:27: 14:f4:90:52:d5:bd:82:0a:cc:2d:71:c5:60:29:57:3d:3a:4c: 31:a2:92:7c:99:55:cc:26:9e:09:5e:14:4c:9c:cf:32:82:23: 60:71:3c:8d:52:18:53:a6:67:60:c8:8f:63:36:34:42:83:a1: 78:dc:01:fc:db:c6:f9:57:a7:56:39:a9:d1:1d:be:d5:9f:b5: fb:00:1a:75:e6:f8:47:7b:b2:aa:58:a0:a9:01:49:4f:09:b7: 99:56:41:25:67:58:83:5c:61:00:40:eb:84:8d:6b:3d:52:5d: 77:68:9e:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk1NTUxMTAvBgNVBAUTKDQzNjVEMTc5RDVCNzNFOEE5N0VERTA1MDVGMjlFRjAw QzJENjNFRjkwHhcNMjUwNzAxMDIxMDQ5WhcNMjUwNzA4MDIxMDQ5WjAYMRYwFAYD VQQDEw02ODYzNDNhOS1iOWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlb/Nmenx84vu56ynyFa7iZ3sfiZuhVLuswRzJ92DliTL7Cs9XrJ8E49bj6aC y+8XMdTcXN0psFDsNuUILKX7bJxEA3dd5XhhWCrym3/jH5rVo/MmYgmGYUMqH4iS aDpJdzefJ+KFRlTEHAP0fGaRYabZImY+7wOc4TM86JnjOBphwrDDz7mXiKppMGgc gjKVpLWqdfZCgz8SabPAFnVtE7+8p+EdQNuK5BmBk3nujMjxXiZlTz71VIvGNNxP zG/+Gp0LeJXDoovYqq4Gb2yUbp4DANIhy8ipiXo7bhezHm5f+/7oHspi8DsWG391 jkhSsX0S4PXXl0rz78Yg4Eh4/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNGZDfxw 4g582hODNXzFrhOeSBG0MB8GA1UdIwQYMBaAFENl0XnVtz6Kl+3gUF8p7wDC1j75 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTU1NS9EQzdEMTQ1QTAy MkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1BvcVg3ZUJRWHludkFNTFdQ dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EyWFJlZFczUG9xWDdlQlFYeW52QU1MV1B2ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OTU1NS9EQzdEMTQ1QTAyMkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1Bv cVg3ZUJRWHludkFNTFdQdmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCF1Rv+KY8rlMN3BQy7T7bUARuZTmAaPX7LHoT0CDHl8B5DMmkHW/7v Hwy3Kx8lNHAmFAHwFEEta0Uudqu6WTHUfFSFwMXsCtCswYDXI3HRqZu3s1Ch/jS5 XPy54mWkGq9MBNxOhmYmEZWCPHh9Wy37dmtTM8f70Qk3U4wfRKEdboVCEjs9jXYa 7BYhtAqB7ycU9JBS1b2CCswtccVgKVc9OkwxopJ8mVXMJp4JXhRMnM8ygiNgcTyN UhhTpmdgyI9jNjRCg6F43AH828b5V6dWOanRHb7Vn7X7ABp15vhHe7KqWKCpAUlP CbeZVkElZ1iDXGEAQOuEjWs9Ul13aJ4w -----END CERTIFICATE-----Generated at Wed Jul 2 23:10:40 2025 by rpki-client